/*
 * Copyright 2010 Assert Developments
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package be.ad.coffeebreak.web.controllers;

import be.ad.coffeebreak.domain.User;
import be.ad.coffeebreak.services.SecurityService;
import be.ad.coffeebreak.web.support.WebContext;
import org.springframework.validation.BindException;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.SimpleFormController;
import org.springframework.web.servlet.view.RedirectView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author Stefan Bangels
 */
public class LoginController extends SimpleFormController {

    protected SecurityService securityService;

    @SuppressWarnings("unused")
    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public LoginController() {
        setFormView("login");
        setSuccessView("home.html");
        setCommandClass(User.class);
    }

    @Override
    protected ModelAndView onSubmit(
            HttpServletRequest request, HttpServletResponse response, Object command, BindException errors)
            throws Exception {
        String email = request.getParameter("email");
        String password = request.getParameter("password");
        User user = securityService.authenticateUser(email, password);
        if (user == null) {
            return new ModelAndView(getFormView(), "message", "login.failed");
        } else {
            WebContext.setUser(request, user);
            return new ModelAndView(new RedirectView(getSuccessView()));
        }
    }

}
